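/**
 * Handles the Login button: checks the submitted credentials, maintains the
 * "remember my username" cookie and sends the user to the post-login page.
 *
 * Security-relevant behavior:
 *  - Every failure (unknown user, wrong password, account not allowed to use the
 *    application) produces the same message, so the response does not reveal
 *    which check failed.
 *  - The post-login target in $_GET['r'] is attacker-controllable (it travels in
 *    the login link), so it is only honored when it is a site-local absolute
 *    path. Anything else falls back to '/main/'.
 *
 * @param string $strFormId     id of the form that raised the event
 * @param string $strControlId  id of the control that raised the event
 * @param string $strParameter  event parameter (unused)
 * @return void
 */
protected function btnLogin_Click($strFormId, $strControlId, $strParameter)
{
    $strUsername = trim(strtolower($this->txtUsername->Text));
    $objLogin = Login::LoadByUsernamePassword($strUsername, $this->txtPassword->Text);

    if (!$objLogin || !$objLogin->IsAllowedToUseChms()) {
        $this->lblMessage->Text = 'Invalid email, username or password.';
        $this->txtUsername->Blink();
        $this->txtPassword->Blink();
        $this->txtUsername->Focus();
        return;
    }

    // NOTE(review): this cookie is set without the Secure/HttpOnly flags. It only
    // carries the username, but confirm nothing treats it as proof of identity.
    if ($this->chkRemember->Checked) {
        setcookie('username', $objLogin->Username, time() + 60 * 60 * 24 * 14, '/', '');
    } else {
        // An expiry in the past deletes the cookie; '' avoids passing null to string parameters.
        setcookie('username', '', 1, '/', '');
    }

    QApplication::Login($objLogin);

    // Accept only "/path..." targets: a single leading slash (so neither "//host"
    // nor "/\host" can be read as another origin), no scheme, no control characters
    // (so CR/LF cannot reach a response header). \z rather than $ so a trailing
    // newline is rejected too.
    // NOTE(review): assumes callers always pass a site-relative path in 'r' - confirm.
    $strTarget = '/main/';
    if (array_key_exists('r', $_GET)
        && is_string($_GET['r'])
        && preg_match('#\A/(?![/\\\\])[^\x00-\x1f\x7f]*\z#', $_GET['r']) === 1
    ) {
        $strTarget = $_GET['r'];
    }

    QApplication::Redirect($strTarget);
}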
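/**
 * Handles the Login button: applies the client-IP allowlist for off-LAN clients,
 * verifies the credentials and redirects to the first module the role may use.
 *
 * Security-relevant behavior:
 *  - Off-LAN clients must appear in the allowlist returned by the internal
 *    service. If the list cannot be fetched or decoded, the request is denied
 *    (fail closed) instead of relying on in_array() misbehaving on a non-array.
 *  - The allowlist match is strict, so a non-string JSON value such as `true`
 *    in the list cannot match every address through loose comparison.
 *  - The stored hash is compared with hash_equals(): constant time, and immune
 *    to the "0e..." numeric-string equality that `!=` allows.
 *  - Every failure sets the same message on the same control, so the page does
 *    not reveal whether the username exists.
 *
 * NOTE(review): the allowlist is fetched over plain HTTP on every off-LAN login
 * and REMOTE_ADDR is trusted as the client address; if the app sits behind a
 * reverse proxy, REMOTE_ADDR is presumably the proxy - confirm the deployment.
 * NOTE(review): passwords are stored as unsalted SHA-1, which is not suitable
 * for password storage. Moving to password_hash()/password_verify() needs a
 * rehash-on-login migration of the stored values and is not done here.
 *
 * @param string $strFormId     id of the form that raised the event
 * @param string $strControlId  id of the control that raised the event
 * @param string $strParameter  event parameter (unused)
 * @return int|null 0 when the client IP is rejected, otherwise no value
 */
protected function btnLogin_Click($strFormId, $strControlId, $strParameter)
{
    $errorMessage = QApplication::Translate('Invalid username or password.');
    $strRemoteAddr = $_SERVER['REMOTE_ADDR'];

    if ($strRemoteAddr !== "127.0.0.1" && substr($strRemoteAddr, 0, 8) !== "192.168.") {
        $strResponse = file_get_contents("http://192.168.1.168:8888/eBayBO/service.php?action=getClientIp");
        $ip_array = ($strResponse === false) ? null : json_decode($strResponse);

        if (!is_array($ip_array) || !in_array($strRemoteAddr, $ip_array, true)) {
            $this->txtUsername->Warning = $errorMessage;
            return 0;
        }
    }

    $strUsername = $this->txtUsername->Text;
    $strPassword = $this->txtPassword->Text;
    $objUserAccount = UserAccount::LoadByUsername($strUsername);

    // Unknown user, inactive account and wrong password are deliberately indistinguishable.
    if (!$objUserAccount
        || !$objUserAccount->ActiveFlag
        || !hash_equals((string) $objUserAccount->PasswordHash, sha1($strPassword))
    ) {
        $this->txtUsername->Warning = $errorMessage;
        return;
    }

    QApplication::Login($objUserAccount);

    // Module id 2 decides the landing page: ./inventory/ when the role has access,
    // ./home/ otherwise (including when no RoleModule row exists).
    $objRoleModule = RoleModule::LoadByRoleIdModuleId($objUserAccount->RoleId, 2);
    if ($objRoleModule && $objRoleModule->AccessFlag) {
        QApplication::Redirect('./inventory/');
    } else {
        QApplication::Redirect('./home/');
    }
}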
/////////////////////////////
// Start Session Handler (if required)
// The session is started unconditionally; everything below reads $_SESSION.
/////////////////////////////
session_start();

/////////////////////////////
// Perform Login (if applicable)
// The session only carries the person's id; the Person record is loaded from it
// here, and the role decision below is taken from that loaded record.
/////////////////////////////
if (array_key_exists('intPersonId', $_SESSION)) {
    $objPerson = Person::Load($_SESSION['intPersonId']);
    if ($objPerson) {
        // Any person that loads is exposed for display purposes...
        QApplication::$LoginForDisplay = $objPerson;
        switch ($objPerson->PersonTypeId) {
            // ...but only these three types fall through to the assignment of
            // QApplication::$Login. There is no default case, so any other
            // PersonTypeId leaves $Login untouched by this code.
            // NOTE(review): presumably privileged checks elsewhere key off $Login,
            // not $LoginForDisplay - verify against callers.
            case PersonType::Administrator:
            case PersonType::Contributor:
            case PersonType::Moderator:
                QApplication::$Login = $objPerson;
        }
    }
}

//////////////////////////////////////////////
// Setup Internationalization and Localization (if applicable)
// Note, this is where you would implement code to do Language Setting discovery, as well, for example:
// * Checking against $_GET['language_code']
// * checking against session (example provided below)
// * Checking the URL
// * etc.
// TODO: options to do this are left to the developer
// NOTE(review): the session value is copied as-is; if a request parameter is ever
// used as the source instead, validate it against the supported codes first.
//////////////////////////////////////////////
if (isset($_SESSION)) {
    if (array_key_exists('country_code', $_SESSION)) {
        QApplication::$CountryCode = $_SESSION['country_code'];
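/**
 * Handles the Login button: verifies the credentials, then redirects either to
 * the page the user originally asked for or to the first module the role may use.
 *
 * Security-relevant behavior:
 *  - Unknown user, inactive account and wrong password all set the same message
 *    on the same control, so the page does not reveal whether a username exists.
 *  - $_GET['strReferer'] is attacker-controllable (it travels in the login link),
 *    so it is only honored when it is a site-local absolute path. A rejected or
 *    empty value falls back to the role's landing page instead of being passed
 *    to the redirect.
 *
 * NOTE(review): the password is SHA-1 hashed before QApplication::CheckPassword()
 * sees it; how CheckPassword stores and compares hashes is not visible here.
 *
 * @param string $strFormId     id of the form that raised the event
 * @param string $strControlId  id of the control that raised the event
 * @param string $strParameter  event parameter (unused)
 * @return void
 */
protected function btnLogin_Click($strFormId, $strControlId, $strParameter)
{
    $strUsername = $this->txtUsername->Text;
    $strPassword = $this->txtPassword->Text;
    $errorMessage = 'Invalid username or password.';

    $objUserAccount = UserAccount::LoadByUsername($strUsername);

    if (!$objUserAccount
        || !$objUserAccount->ActiveFlag
        || !QApplication::CheckPassword(sha1($strPassword), $objUserAccount->PasswordHash)
    ) {
        $this->txtPassword->Warning = $errorMessage;
        return;
    }

    QApplication::Login($objUserAccount);

    // Accept only "/path..." targets: a single leading slash (so neither "//host"
    // nor "/\host" can be read as another origin), no scheme, no control characters.
    // \z rather than $ so a trailing newline is rejected too.
    // NOTE(review): assumes strReferer is always a site-relative path - confirm.
    $strRedirect = '';
    if (array_key_exists('strReferer', $_GET)
        && is_string($_GET['strReferer'])
        && preg_match('#\A/(?![/\\\\])[^\x00-\x1f\x7f]*\z#', $_GET['strReferer']) === 1
    ) {
        $strRedirect = $_GET['strReferer'];
    }

    if ($strRedirect === '') {
        // Module id => landing path, in priority order; the first module the role
        // can access wins.
        $arrLandingPaths = array(
            2 => '/assets/',
            3 => '/inventory/',
            4 => '/contacts/',
            5 => '/shipping/',
            6 => '/receiving/',
            7 => '/reports/',
        );

        foreach ($arrLandingPaths as $intModuleId => $strPath) {
            $objRoleModule = RoleModule::LoadByRoleIdModuleId($objUserAccount->RoleId, $intModuleId);
            if ($objRoleModule && $objRoleModule->AccessFlag) {
                $strRedirect = __SUBDIRECTORY__ . $strPath;
                break;
            }
        }
    }

    // When the role has access to no module, $strRedirect is still '' here, as in
    // the original flow.
    QApplication::Redirect($strRedirect);
}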
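<?php
/**
 * Single sign-on landing script.
 *
 * The first path-info segment is an encrypted "<username>_<unix time>" token.
 * When it decrypts, parses and is no more than 5 seconds away from the server
 * clock, the named account is logged in without a password. Every failure logs
 * the current session out and redirects to '/'.
 *
 * Security-relevant behavior:
 *  - A missing or empty key file is treated as a failure instead of decrypting
 *    with an unusable key.
 *  - The timestamp must consist of digits only before it is compared; a value
 *    such as "123abc" is rejected rather than coerced.
 *  - Each failure path ends in an explicit exit, so falling through to the
 *    login below does not depend on QApplication::Redirect() stopping the script.
 *
 * NOTE(review): the token can be replayed inside the 10-second window, and it
 * travels in the URL path, so it can end up in access logs and browser history.
 * NOTE(review): whether QCryptography authenticates the ciphertext is not visible
 * here; without integrity protection a token can be altered in transit.
 * NOTE(review): no account-status check (disabled/locked) is visible on this
 * path - confirm Login::LoadByUsername() or QApplication::Login() enforces it.
 */
require dirname(__FILE__) . '/../../includes/prepend.inc.php';

$strUsername = null;

try {
    $strKey = file_get_contents(__INCLUDES__ . '/../sso_key.txt');

    if ($strKey !== false && $strKey !== '') {
        QCryptography::$Key = $strKey;
        $objCrypto = new QCryptography();
        $strPayload = $objCrypto->Decrypt(QApplication::PathInfo(0));

        $strTokens = explode("_", (string) $strPayload);
        if (count($strTokens) === 2 && preg_match('/\A[0-9]+\z/', $strTokens[1]) === 1) {
            $intTime = (int) $strTokens[1];
            $intNow = time();

            // Freshness window: at most 5 seconds of clock skew in either direction.
            if ($intTime >= $intNow - 5 && $intTime <= $intNow + 5) {
                $strUsername = $strTokens[0];
            }
        }
    }
} catch (Exception $objExc) {
    // Decryption failures are handled like any other invalid token.
    $strUsername = null;
}

$objLogin = ($strUsername === null) ? null : Login::LoadByUsername($strUsername);

if (!$objLogin) {
    QApplication::Logout();
    QApplication::Redirect('/');
    exit;
}

QApplication::Login($objLogin);
QApplication::Redirect('/');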
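/**
 * Handles the Login button: verifies the credentials, then redirects either to
 * the page the user originally asked for or to the first module the role may use.
 *
 * Security-relevant behavior:
 *  - Unknown user, inactive account and wrong password all set the same message
 *    on the same control, so the page does not reveal whether a username exists.
 *  - $_GET['strReferer'] is attacker-controllable (it travels in the login link),
 *    so it is only honored when it is a site-local absolute path. A rejected
 *    value falls back to the role's landing page.
 *
 * NOTE(review): the password is SHA-1 hashed before PasswordHash::CheckPassword()
 * sees it, so the stored hashes presumably wrap the SHA-1 digest - confirm before
 * changing either side.
 *
 * @param string $strFormId     id of the form that raised the event
 * @param string $strControlId  id of the control that raised the event
 * @param string $strParameter  event parameter (unused)
 * @return void
 */
protected function btnLogin_Click($strFormId, $strControlId, $strParameter)
{
    $strUsername = $this->txtUsername->Text;
    $strPassword = $this->txtPassword->Text;
    $errorMessage = 'Invalid username or password.';

    $objUserAccount = UserAccount::LoadByUsername($strUsername);
    $objHasher = new PasswordHash(8, PORTABLE_PASSWORDS);

    if (!$objUserAccount
        || !$objUserAccount->ActiveFlag
        || !$objHasher->CheckPassword(sha1($strPassword), $objUserAccount->PasswordHash)
    ) {
        $this->txtPassword->Warning = $errorMessage;
        return;
    }

    QApplication::Login($objUserAccount);

    // Accept only "/path..." targets: a single leading slash (so neither "//host"
    // nor "/\host" can be read as another origin), no scheme, no control characters.
    // \z rather than $ so a trailing newline is rejected too.
    // NOTE(review): assumes strReferer is always a site-relative path - confirm.
    if (array_key_exists('strReferer', $_GET)
        && is_string($_GET['strReferer'])
        && preg_match('#\A/(?![/\\\\])[^\x00-\x1f\x7f]*\z#', $_GET['strReferer']) === 1
    ) {
        QApplication::Redirect($_GET['strReferer']);
        return;
    }

    // Module id => landing path, in priority order; the first module the role can
    // access wins.
    $arrLandingPaths = array(
        2 => './assets/',
        3 => './inventory/',
        4 => './contacts/',
        5 => './shipping/',
        6 => './receiving/',
        7 => './reports/',
    );

    foreach ($arrLandingPaths as $intModuleId => $strPath) {
        $objRoleModule = RoleModule::LoadByRoleIdModuleId($objUserAccount->RoleId, $intModuleId);
        if ($objRoleModule && $objRoleModule->AccessFlag) {
            QApplication::Redirect($strPath);
            return;
        }
    }

    // A role with access to no module is logged in but not redirected, as in the
    // original flow.
}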